David Ansermot Web Developer / TYPO3 Integrator

Security flaw discovered iOS 4.1

A new security flaw was discovered in iOS 4.1, this flaw allows access to the directory of an iPhone protected by a password.

Handling is fairly simple, just to have an iPhone on iOS 4.1 Protecting a password and :

• Click “Emergency Call”
• Type a number at random, ex: 1234
• Tap on “Call” followed immediately:
• Pressing the power button on the top right.

If you were fast enough, you should find yourself in the application “Phone” of the iPhone and can see the different contacts and even call them!
Namely, this flaw does not appear to be present in the beta iOS 4.2 but there is no fix to date for version 4.1, either by Apple or Cydia.

Posts that maybe you want to read ::

• A flaw in IOS 4.1 allow access to personal datas
• FaceTime for Mac opens the door to a big security flaw in the Apple ID
• Apple FaceTime “security flaw” fixed
• RDS security flaw in Linux Kernel 2.6.30 and higher
• A 12 years old hacker found a critical flaw in Firefox